5 matches found
CVE-2024-8608
CVE-2024-8608 corresponds to a Stored XSS in Oceanic Software’s ValeApp, caused by improper neutralization during web page generation. Affected: ValeApp versions prior to 2.0.0. Impact and exploit details are not provided beyond the XSS claim in the sources; mitigation guidance from PT-2024-39129...
CVE-2024-8609
ValeApp (Oceanic Software) prior to version 2.0.0 has a vulnerability that allows insertion of sensitive information into log files, which can enable a query system for information. Impact and exact exploit details are not fully provided in the sources, but PT-2024-39130 notes that versions befor...
CVE-2024-8644
ValeApp (Oceanic Software) is affected by a vulnerability described as cleartext storage of sensitive information in a cookie that allows protocol manipulation / JSON hijacking. The issue impacts ValeApp versions prior to 2.0.0. Likely impact is exposure of sensitive data via cookies and potentia...
CVE-2024-8607
CVE-2024-8607 affects ValeApp by Oceanic Software, with the vulnerability lying in improper neutralization of special elements in SQL commands (SQL Injection) in ValeApp versions before 2.0.0. Reported impact aligns with high-severity scores (CVSS v3.1: 9.8, NETWORK, HIGH confidentiality/integrit...
CVE-2024-8643
The CVE-2024-8643 entry relates to ValeApp from Oceanic Software and is supported by PT-2024-39148 details: versions prior to 2.0.0 are affected by a Session Fixation flaw that enables Brute Force and Session Hijacking. The vulnerability description explicitly ties the issue to the authentication...